search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2019-09-06 2019-09-06 2019-09-18 VU#672565 5.9 Exim fails to properly handle trailing backslashes in string_interpret_escape()
2019-08-14 2019-08-14 2019-09-03 VU#918987 7.8 Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2019-08-13 2019-08-13 2019-09-03 VU#605641 0 HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion
2019-08-01 2019-07-18 2019-08-01 VU#489481 0 Cylance Antivirus Products Susceptible to Concatenation Bypass
2019-07-17 2019-07-16 2019-07-17 VU#790507 3.9 Oracle Solaris vulnerable to arbitrary code execution via /proc/self
2019-07-15 2019-07-15 2019-07-15 VU#129209 0 LLVMs Arm stack protection feature can be rendered ineffective
2018-05-08 2018-05-08 2019-07-11 VU#631579 5.3 Hardware debug exception documentation may result in unexpected behavior
2019-06-20 2019-06-17 2019-07-08 VU#905115 5.0 Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels
2019-01-28 2019-01-21 2019-06-21 VU#465632 7.5 Microsoft Exchange server 2013 and newer are vulnerable to NTLM relay attacks
2019-06-04 2019-02-19 2019-06-19 VU#576688 4.2 Microsoft Windows RDP can bypass the Windows lock screen
2019-05-22 2019-05-21 2019-06-12 VU#119704 6.4 Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability
2019-04-12 2019-04-10 2019-06-05 VU#871675 7.0 WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant
2019-06-01 2019-06-01 2019-06-03 VU#877837 5.5 Multiple vulnerabilities in Quest Kace System Management Appliance
2019-05-03 2019-05-03 2019-05-22 VU#169249 7.8 PrinterLogic Print Management Software fails to validate SSL certificates or the integrity of software updates.
2018-11-06 2018-11-05 2019-05-21 VU#395981 4.0 Self-encrypting hard drives do not adequately protect data

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.